# Report 2019-12

## News

 - [China due to introduce face scans for mobile users](https://www.bbc.co.uk/news/world-asia-china-50587098)
 - [Apple admits iPhone 11 Pro still collects location data even when told not to](https://9to5mac.com/2019/12/04/collects-location-data/)
 - [The Curse of Outdated DRM Claims Another Victim, 'Tron: Evolution'](https://www.vice.com/en_us/article/3kxx8b/the-curse-of-oudated-drm-claims-another-victim-tron)
 - [Mozilla removes Avast and AVG extensions from add-on portal over snooping claims](https://www.zdnet.com/article/mozilla-removes-avast-and-avg-extensions-from-add-on-portal-over-snooping-claims/)
 - [Privacy Analysis of Tiktok’s App and Website](https://rufposten.de/blog/2019/12/05/privacy-analysis-of-tiktoks-app-and-website/)
 - [Behind the One-Way Mirror: A Deep Dive Into the Technology of Corporate Surveillance](https://www.eff.org/wp/behind-the-one-way-mirror)
 - [Open Rights Group joins international outcry over UK government calls to access private messages](https://www.openrightsgroup.org/press/releases/2019/open-rights-group-joins-international-outcry-over-uk-government-calls-to-access-private-messages)
 - [Privacy International study shows your mental health is for sale](https://privacyinternational.org/long-read/3194/privacy-international-study-shows-your-mental-health-sale)
 - [If Logged Into Facebook, Oculus VR Data Will Now Be Used For Ads](https://uploadvr.com/facebook-ads-vr/)
 - [Your DNA for Sale: 23andMe, Drug Giant Make $300 Million Dea](https://www.tomsguide.com/us/23andme-gsk-dna-data-deal,news-27685.html)
 - [Disqus delte persondata om titalls millioner internettbrukere uten at nettsidene visste om det](https://nrkbeta.no/2019/12/18/disqus-delte-persondata-om-titalls-millioner-internettbrukere-uten-at-nettsidene-visste-om-det/)
 - [Cloud Vulnerabilities Expose Millions Of Child-Tracking Smartwatches](https://www.ibtimes.com/cloud-vulnerabilities-expose-millions-child-tracking-smartwatches-2888641)
 - [France Fines Google for Mistreating Search Advertisers](https://www.wsj.com/articles/france-fines-google-for-mistreating-search-advertisers-11576836560)
 - [Smartphones Are Spies. Here’s Whom They Report To](https://www.nytimes.com/interactive/2019/12/20/opinion/location-tracking-smartphone-marketing.html)
 - ['The Rise of Skywalker' Is a Preview of Our DRM-Fueled Dystopian Future](https://www.vice.com/en_us/article/7kz9zg/the-rise-of-skywalker-is-a-preview-of-our-drm-fueled-dystopian-futur)
 - [French government to scan social media for tax cheats](https://www.bbc.com/news/world-europe-50930094)
 - [Pharmacy fined £275K for GDPR violation](https://gdpr.report/news/2019/12/30/privacy-pharmacy-fined-275k-for-gdpr-violation/)

## Data Breaches

 - [2.7 billion email addresses exposed online, more than 1 billion of them include passwords](https://www.comparitech.com/blog/information-security/2-7-billion-email-addresses-exposed-online/)
 - [Millions of SMS messages exposed in database security lapse](https://www.databreaches.net/millions-of-sms-messages-exposed-in-database-security-lapse/)
 - [Data trove containing more than 750,000 applications for US birth certificates is found exposed online – and ANYONE can download the sensitive documents](https://www.dailymail.co.uk/sciencetech/article-7774239/More-750-000-applications-birth-certificates-exposed-online.html)
 - [A Data Leak Exposed The Personal Information Of Over 3,000 Ring Users](https://www.buzzfeednews.com/article/carolinehaskins1/data-leak-exposes-personal-data-over-3000-ring-camera-users)
 - [170m passwords stolen in Zynga hack, monitor says](https://www.theguardian.com/games/2019/dec/19/170m-passwords-stolen-in-zynga-words-with-friends-hack-monitor-says)
 - [Honda Exposes Vehicle Owner Records on the Web](https://securitydiscovery.com/honda-exposes-vehicle-owner-records-on-the-web/)
 - [LifeLabs reveals data breach, possibly affecting up to 15 million Canadians](https://globalnews.ca/news/6308439/lifelabs-data-breach/)
 - [Wawa Announces Data Breach Potentially Affecting More Than 850 Stores](https://www.nytimes.com/2019/12/20/business/wawa-data-breach.html)
 - [IoT vendor Wyze confirms server leak](https://www.zdnet.com/article/iot-vendor-wyze-confirms-server-leak/)

## Paper

 - [Are cookie banners indeed compliant with the law? Deciphering EU legal requirements on consent and technical means to verify compliance of cookie banners](https://arxiv.org/abs/1912.07144)
